Free Download Microsoft 70-643 PDF Full Version Now (81-90)

QUESTION 81
You install the Web Server (IIS) role on a server that runs Windows Server 2008 R2. Your company’s default Web site has an IP address of 10.10.0.1. You add a Web site named HelpDesk. The HelpDesk Web site cannot be started. You need to configure the Helpdesk Web site so that it can be started.
What should you do?

A.    Run the iisreset /enable command on the server.
B.    Configure the Helpdesk Web site to use a host header.
C.    Run the appcmd add site /name: HelpDesk /id:2 /physicalPath: c:\HelpDesk /binding:http/*:80: helpdesk
command on the server.
D.    Run the set-location Cliteralpath "d:\HelpDesk_content" HelpDesk ID:2 location port:80 domain:helpdesk
command in the Microsoft Windows PowerShell tool on the server.

Answer: B
Explanation:
Configure a Host Header for a Web Site (IIS 7) Host headers (also known as domain names or host names) let you assign more than one site to a single IP address on a Web server. To configure a host header for a site
1. Open IIS Manager. For information about opening IIS Manager, see Open IIS Manager (IIS 7).
2. In the Connections pane, expand the Sites node in the tree, and then select the site for which you want to configure a host header.
3. In the Actions pane, click Bindings.
4. In the Site Bindings dialog box, select the binding for which you want to add a host header and then click Edit or click Add to add a new binding with a host header.
5. In the Host name box, type a host header for the site, such as www.contoso.com.
6. Click OK.
7. To add an additional host header, create a new binding with the same IP address and port, and the new host header. Repeat for each host header that you want to use this IP address and port.

image
Source: http://technet.microsoft.com/en-us/library/cc753195(WS.10).aspx

QUESTION 82
Your company named Contoso, Ltd. has a Web server named WEB1. The Web server runs Windows Server 2008. The fully qualified domain name of WEB1 is web1.contoso.com. The public DNS server has an alias record named owa.contoso.com that maps to web1.contoso.com. Users access WEB1 from the Internet by using http://owa.contoso.com. The new company security policy states that the owa.contoso.com site must be available for Internet users only through secure HTTP (HTTPS) protocol. The security policy also states that users must not get security warnings when they connect to the site. You need to request a certificate from a public certification authority (CA). Which Common Name should you use?

A.    Contoso, Ltd.
B.    owa.contoso.com
C.    WEB1
D.    web1.contoso.com

Answer: B

QUESTION 83
Drag and Drop Question
Your company has a server named VS1 that runs Windows Server 2008 R2 and Hyper-V. You want to create eight virtual servers that run Windows Server 2008 R2 and configure the virtual servers as an Active Directory forest for testing purposes. You discover that VS1 has only 30 GB of free hard disk space. You need to install the eight new virtual servers on VS1. What should you do? (To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.)

image
Answer:

image

QUESTION 84
You manage a server named Server2 that runs Windows Server 2008 R2. You install and test the Remote Desktop Services server role on Server2. You publish an application by using Remote Desktop Services. All users must connect to the Remote Desktop Services application by using the Remote Desktop Protocol. You install and configure the RD Gateway role service on Server2. You configure a default domain policy to enable the Enable Connection through RD Gateway setting.
Users report that they cannot connect to the Remote Desktop Services application. You need to ensure that users can access the Remote Desktop Services application on the intranet and from the Internet. What should you do?

A.    Configure the Enable Connection through RD Gateway Group Policy setting to Disabled.
B.    Configure the Set RD Gateway server address Group Policy and configure the IP address of the RD
Gateway server. Link the Group Policy object (GPO) to the domain.
C.    Configure Server Authentication on the Remote Desktop Connection client to Always connect, even if
server authentication fails for all users.
D.    Enable the Set RD Gateway server authentication method Group Policy to the Ask for credential, use
NTLM protocol setting. Link the Group Policy object (GPO) to the domain.

Answer: B
Explanation:
How to use the Group Policy Management Console (GPMC) to enable connections through RD Gateway. When this policy setting is enabled, when Remote Desktop Services clients cannot connect directly to an internal network resource (computer), the clients will attempt to connect to the computer through the RD Gateway server that is specified in the Set RD Gateway server address policy setting.
Source: http://technet.microsoft.com/en-us/library/cc726011.aspx

QUESTION 85
Your company has a single Active Directory domain. All the servers run Windows Server 2008 R2. You have a server named FS1 that has the File Services server role installed. The disks are configured as shown in the following exhibit.

image
You need to create a new drive volume to support data striping with parity. What should you do?

A.    Add another disk. Create a New RAID-5 Volume.
B.    Create a new Striped Volume by using Disk 1 and Disk 2.
C.    Create a New Mirrored Volume by using Disk 1 and Disk 2.
D.    Create a New Spanned Volume by using Disk 1 and Disk 2.

Answer: C

QUESTION 86
Your company has four regional offices. You install the Windows Deployment Services (WDS) role on the network. Your company creates three images for each office. There are a total of 12 images for the company. The images will be used as standard images for workstations. You deploy the images by using WDS. You need to ensure that each administrator can view only the images for his or her regional office. What should you do?

A.    Create a global group for each regional office and place the computers in the appropriate global group.
B.    Create an organizational unit (OU) for each regional office and place the computers in the appropriate OU.
C.    Place all images into a single image group on the WDS server.
Grant each administrator permissions to the image group.
D.    Place each regional office into a separate image group on the WDS server.
Grant each administrator permissions to his or her regional offices image group.

Answer: D
Explanation:
Image group: Each image group has a unique name and an ACL to specify users who are allowed to deploy OS images from the image group. An image group may contain multiple OS image containers.
Source: http://msdn.microsoft.com/en-us/library/dd891274%28v=prot.10%29.aspx

QUESTION 87
Your company has an Active Directory domain. The company runs Remote Desktop Services. Standard users who connect to the Remote Desktop Session Host Server are in the TSUsers organizational unit (OU). Administrative users are in the TSAdmins OU. No other users connect to the Remote Desktop Session Host Server. You need to ensure that only members of OU1 can run the Remote Desktop Protocol files. What should you do?

A.    Create a Group Policy object (GPO) that configures the Allow .rdp files from unknown publishers policy
setting in the Remote Desktop Client Connection template to Disabled.
Apply the GPO to the TSUsers OU.
B.    Create a Group Policy object (GPO) that configures the Allow .rdp files from valid publishers and users
default .rdp settings policy setting in the Remote Desktop Client Connection template to Disabled.
Apply the GPO to the TSUsers OU.
C.    Create a Group Policy object (GPO) that configures the Allow .rdp files from valid publishers and users
default .rdp settings policy setting in the Remote Desktop Client Connection template to Enabled.
Apply the GPO to the TSAdmins OU.
D.    Create a Group Policy object (GPO) that configures the Specify SHA1 thumbprints of certificates representing
trusted .rdp publishers policy setting in the Remote Desktop Client Connection template to Enabled.
Apply the GPO to the TSAdmins OU.

Answer: C
Explanation:
To ensure that only members of the TermSerAdmin OU can run the Remote Desktop Protocol files, you need to enable the Allow .rdp files from valid publishers and users default .rdp settings policy setting in the Remote Desktop Client Connection template. This policy setting allows you to specify whether users can run Remote Desktop Protocol (.rdp) files from a publisher that signed the file with a valid certificate. A valid certificate is one issued by an authority recognized by the client, such as the issuers in the client’s Third-Party Root Certification Authorities certificate store. This policy setting also controls whether the user can start an RDP session by using default .rdp settings (for example, when a user directly opens the Remote Desktop Connection [RDC] client without specifying an .rdp file). If you enable this policy setting, users can run .rdp files that are signed with a valid certificate. Users can also start an RDP session with default .rdp settings by directly opening the RDC client. When a user starts an RDP session, the user is asked to confirm whether they want to connect. If you disable this policy setting, users cannot run .rdp files that are signed with a valid certificate. Additionally, users cannot start an RDP session by directly opening the RDC client and specifying the remote computer name. When a user tries to start an RDP session, the user receives a message that the publisher has been blocked Reference: Remote Desktop Connection Client http://technet2.microsoft.com/windowsserver2008/en/library/76fb7e12-b823-429b-9887- 05dc70d28d0c1033.mspx?mfr=true

QUESTION 88
You have installed the Web Server (IIS) role on a server with Windows Server 2008. Company uses SMTP for email. You need prevent unauthorized transmissions without disrupting valid email traffic.

A.    Creata firewall role to block all outbound SMTP traffic.
B.    Configure High alert items to be removed in Windows Defender.
C.    Enable the TLS encryption option in the outbound security settings.
D.    Add an SMTP relay restriction that limits access to authorized server on the network.

Answer: D

QUESTION 89
You have a w2k8 IIS server. Your company uses SMTP email. Now you want to prevent the sending of unauthorized email and restrict SMTP only to internal servers without affecting the current mail flow. What should you do?

A.    Block all outbound email with a windows firewall rule
B.    Disable the high alerts in windows defender
C.    Enable tls-encryption on the outbound security
D.    You add a SMTP relay restriction that allows SMTP-relaying only from the servers in your domain

Answer: D

QUESTION 90
Your network contains a server named Server1 that has Microsoft SharePoint Foundation 2010 installed. You configure the incoming email settings to use the SharePoint Directory Management service to create distribution groups and contacts in an organizational unit (OU) named OU1. You need to ensure that email distribution groups created from SharePoint are automatically created in OU1. What should you do?

A.    From Central Administration, create a new trust relationship.
B.    From Central Administration, modify the Directory Management Service Approval List.
C.    From Active Directory Users and Computers, delegate permissions to the SharePoint 2010 Timer service
account in OU1.
D.    From Active Directory Users and Computers, delegate permissions to the SharePoint Central Administration
v4 application pool identity in OU1.

Answer: D
Explanation:
Configure Active Directory Incoming email uses the Microsoft SharePoint Directory Management Service to connect SharePoint sites to the directory services used by your organization. If you enable the Microsoft SharePoint Directory Management Service, users can create and manage distribution groups from SharePoint sites. SharePoint lists that use email can then be found in directory services, such as the Address Book. You must also select which distribution group requests from SharePoint lists require approval. The Microsoft SharePoint Directory Management Service can be installed on a server in the farm, or you can use a remote Microsoft SharePoint Directory Management Service. To use the Microsoft SharePoint Directory Management Service on a farm or server, you must configure the Central Administration application pool identity account to have the Create, delete, and manage user accounts right to the container that you specify in Active Directory. The preferred way to do this is by delegating the right to the Central Administration application pool identity account. An Active Directory administrator must set up the organizational unit (OU) and delegate the Create, delete, and manage user accounts right to the container. The advantage of using the Microsoft SharePoint Directory Management Service on a remote farm is that you do not have to delegate rights to the organizational unit for multiple farm service accounts. If the application pool account for Central Administration is different from the application pool account for the Web application of the list or site that is enabled for email, you must use the application pool account for the Web application when completing the following procedures. You must then delegate additional rights to the Central Administration application pool account. The following procedures are performed on a domain controller that runs Microsoft Windows Server 2003 SP1 (with DNS Manager) and Microsoft Exchange Server 2003 SP1. In some deployments, these applications might run on multiple servers in the same domain. Important: Membership in the Domain Administrators group or delegated authority for domain administration is required to complete this procedure. Create an organizational unit in Active Directory
1. Click Start, point to Control Panel, point to Administrative Tools, and then click Active Directory Users and Computers.
2. In Active Directory Users and Computers, right-click the folder for the second-level domain that contains your server farm, point to New, and then click Organizational Unit.
3. Type the name of the organizational unit, and then click OK. After creating the organization unit, we recommend that you delegate the Create, delete, and manage user accounts right to the container. Important: Membership in the Domain Administrators group or the Enterprise Administrators group in Active Directory, or delegated authority for administration, is required to complete this procedure.
Delegate right to the application pool account
1. In Active Directory Users and Computers, find the organizational unit that you just created.
2. Right-click the organizational unit, and then click Delegate control.
3. On the Welcome page of the Delegation of Control Wizard, click Next.
4. On the Users and Groups page, click Add, and then type the name of the application pool identity account that the Web application uses.
5. In the Select Users, Computers, and Groups dialog box, click OK.
6. On the Users or Groups page of the Delegation of Control Wizard, click Next.
7. On the Tasks to Delegate page of the Delegation of Control Wizard, select the Create, delete, and manage user accounts check box, and then click Next.
8. On the last page of the Delegation of Control Wizard, click Finish to exit the wizard. If you must add permissions for the application pool identity account directly, complete the following procedure. Important: Membership in the Account Operators group, Domain Administrators group, or the Enterprise Administrators group in Active Directory, or delegated authority for administration, is required to complete this procedure.
Add permissions for the application pool account
1. In Active Directory Users and Computers, click the View menu, and then click Advanced Features.
2. Right-click the organizational unit that you just created, and then click Properties.
3. In the Properties dialog box, click the Security tab, and then click Advanced.
4. Click Add, and then type the name of the application pool identity account for the Web application.
5. Click OK.
6. In the Permission Entries section, double-click the application pool identity account.
7. In the Permissions section, under Allow, select the Modify permissions check box.
8. Click OK to close the Permissions dialog box.
9. Click OK to close the Properties dialog box.
10. Click OK to close the Active Directory Users and Computers plug-in. If you decide instead to use the remote Microsoft SharePoint Directory Management Service, you must know the URL for the Web service. This URL is typically in the following format: http:// server:adminport/_vti_bin/SharePointEmailWS.asmx.
Source: http://technet.microsoft.com/en-us/library/cc262947.aspx

If you want to pass Microsoft 70-643 successfully, donot missing to read latest lead2pass Microsoft 70-643 practice exams.
If you can master all lead2pass questions you will able to pass 100% guaranteed.

http://www.lead2pass.com/70-643.html

Why Choose Lead2pass?

If you want to pass the exam successfully in first attempt you have to choose the best IT study material provider, in my opinion, Lead2pass is one of the best way to prepare for the exam.

Lead2pass Testking Pass4sure Actualtests Others
$99.99 $124.99 $125.99 $189 $29.99-$49.99
Up-to-Dated
Real Questions
Error Correction
Printable PDF
Premium VCE
VCE Simulator
One Time Purchase
Instant Download
Unlimited Install
100% Pass Guarantee
100% Money Back